From cc1054be66511c0cf3cb6769d464c9969e2b5415 Mon Sep 17 00:00:00 2001
From: Tom Eastep <teastep@shorewall.net>
Date: Sat, 2 Feb 2013 09:30:25 -0800
Subject: [PATCH] Correct handling of audited dispositions.

Signed-off-by: Tom Eastep <teastep@shorewall.net>
---
 Shorewall/Perl/Shorewall/Config.pm | 2 +-
 Shorewall/Perl/Shorewall/Rules.pm  | 2 ++
 2 files changed, 3 insertions(+), 1 deletion(-)

diff --git a/Shorewall/Perl/Shorewall/Config.pm b/Shorewall/Perl/Shorewall/Config.pm
index b2c663b17..f455f887a 100644
--- a/Shorewall/Perl/Shorewall/Config.pm
+++ b/Shorewall/Perl/Shorewall/Config.pm
@@ -5348,7 +5348,7 @@ sub get_configuration( $$$$ ) {
     }
 
     if ( $val = $config{INVALID_DISPOSITION} ) {
-	if ( $val =~ /^(?:A_)?(?:DROP|ACCEPT)$/ ) {
+	if ( $val =~ /^(?:A_)?DROP$/ ) {
 	    $globals{INVALID_TARGET} = $val;
 	} elsif ( $val eq 'REJECT' ) {
 	    $globals{INVALID_TARGET} = 'reject';
diff --git a/Shorewall/Perl/Shorewall/Rules.pm b/Shorewall/Perl/Shorewall/Rules.pm
index 5af80ba50..b12610d56 100644
--- a/Shorewall/Perl/Shorewall/Rules.pm
+++ b/Shorewall/Perl/Shorewall/Rules.pm
@@ -950,6 +950,8 @@ sub finish_chain_section ($$$) {
 			delete $state{ESTABLISHED};
 		    }
 		    
+		    $target = ensure_audit_chain( $target ) if ( $targets{$target} || 0 ) & AUDIT;
+
 		    add_ijump( $chainref, g => $target, state_imatch $_ );
 		}